IdenTrust, which is used as root certificate for Let's Encrypt, has become the most popular SSL certificate authority

IdenTrust is now used by 17.5% of all websites, up from virtually zero three years ago. As the whole SSL certificate market grows fast, its competitors are mostly doing fine too - at the moment.

It's only a bit more that two years since Let's Encrypt started issuing SSL certificates, but they had quite an impact on the market. The main reason is probably the fact that their certificates are free, but others had issued free certificates before without having much success. So, the second reason, namely the ability to fully automate the process of obtaining and renewing certificates, may have been just as important. And having the Mozilla Foundation and the Electronic Frontier Foundation, two well respected organizations, starting the effort certainly helped as well.

Identrust is now used by 17.5% of all websites, up from virtually zero three years ago. The percentage of new sites that use IdenTrust is even higher at 22.7%.

It is important to note, however, that most of the other SSL certificate providers have also recently increased the number of sites they serve, just not as fast as IdenTrust. Comodo, for example, has increased from 5% to 17.5% in the last three years. At the same time, the percentage of sites that use no certificate or an invalid one (issued for a different domain) went down from 84.5% to 50.2%.

The number of expired certificates has increased from 0.2% to 1.4%. This may well have to do with the short validity period of Let's Encrypt certificates, which is three months instead of the more common period of one year of most other providers.

While IdenTrust has became the most popular SSL authority overall, sites with high traffic still clearly prefer other providers.

Among the top 1000 sites DigiCert group has a market share of 44.3%, and Comodo has 21.7%, whereas IdenTrust has only 2.3% of that market segment. One reason for that is certainly that Let's Encrypt provides only domain-validated certificates and not the higher level organization validation and extended validation certificates. A second reason for the low popularity among high-traffic sites has just disappeared a few week ago, when Let's Encrypt introduced support for wild card certificates. We will see what effect that has on their market share.

IdenTrust is most popular is Europe. It is the number one SSL certificate authority in Germany, France, Spain, Italy, Russia and most other European countries. Comodo is still the most popular provider in most of North and South America, in Australia, in most African countries and in India and the UK. The DigiCert group, due to its acquisition of the Symantec brands, is the number one in China and Japan.

Only 30.3% of all websites use https per default today. There is still much room for growth for all SSL certificate providers. but Let's Encrypt seems to be in a very good position.

_________________
Please note, that all trends and figures mentioned in that article are valid at the time of writing. Our surveys are updated frequently, and these trends and figures are likely to change over time.